A NEW WEB-BASED ARCHITECTURE BASED ON IRIS BIOMETRICS TECHNIQUE TO DECREASE CREDIT CARDS FRAUDS OVERINTERNET

(1)

TRANS Asian Research Journals

http://www.tarj.in 92

P u b l i s h e d b y : T R A N S A s i a n R e s e a r c h J o u r n a l s

AJMR:

A s i a n J o u r n a l o f

M u l t i d i m e n s i o n a l

R e s e a r c h

( A D o u b l e B l i n d R e f e r r e d & R e v i e we d I n t e r n a t i o n a l J o u r n a l )

A NEW WEB-BASED ARCHITECTURE BASED ON IRIS BIOMETRICS

TECHNIQUE TO DECREASE CREDIT CARDS FRAUDS

OVERINTERNET

Aman Gupta*

*PGT (Computer Science), Madurai.

ABSTRACT

E-commerce is an outcome of globalization and technology outbreak of 21st century. Increasingly, more products and services are sold over Internet; hence, there is a growing need for a combination of legislation and technical solutions to globally secure customer privacy. Credit card fraud is one of the crimes especially when it is used for web-based transaction. In this paper, a technical solution using Iris authentication technique is proposed for protecting identity theft in e-commerce transactions because Iris patterns are unique to an individual. Further, this research proposes authentication of e-commerce users by using Iris biometric technique as one of the most secure biometric algorithms. Therefore, this research proposes a web-based architecture which uses a combination of Image Processing and secure transmission of customers‟ Iris templates along with credit card details for decreasing credit card frauds over Internet.

______________________________________________________________________________

1.INTRODUCTION

(2)

The online purchaser does not have to present a physical card, which may contain additional security features, e.g. additional code numbers, photographs. So the lack of authentication of online customers is perceived. To counter this threat, the authentication of the buyer is essential. Authentication using biometrics is a secure approach that can be proposed. In fact, biometric technique is used for preventing identity theft and false authentication. Recently, human Iris recognition is recommended as approval of human identification. This organ of the eye which is well protected from the external environment is easily visible from within one meter of distance. Iris recognition is now considered as one of the best and most precise solutions to security problems for human identification because it is the most unique feature of every person which has been discovered by now . So, Iris recognition can be used for authentication of online customers. This paper proposes a web-based architecture to use encrypted Iris pattern as biometric attribute for authentication of a customer for e-commerce transactions which includes a secure biometric template transmission scheme and a high performance algorithm for Iris recognition as human identification.

II. BACKGROUND

(3)

not. The algorithm is designed for rapid (seconds) exhaustive search of very large databases; a distinctive capability required for authentication today.

2.1. WHY IRIS-BASED AUTHENTICATION?

Having an iris-based authentication system can bring us a list of benefits, for instance

• Resistance to false matching and exceptionally high levels of accuracy, due to the unique textures of the iris

• Stability of characteristic over lifetime, since the iris is an internal organ that is well protected against damage and wear

• Suitability for both physical and logical access(in both verification and identification cases)

• Externally visible and noninvasive to the user,unlike the retina scan

• Efficient encoding and search speed (Of course, it depends on the algorithm) On the other hand, this technology also has its deficiencies, including:

• Difficulty of usage, since acquisition of the image requires moderate training and attentiveness in the non-automatic systems

• False non-matching and failure to enroll, due topoor image quality of a small moving target, sometimes obscured by eyelashes, lenses, and/orreflections

• User discomfort with eye-based technology

• Need for a proprietary acquisition device for deployment

2.2. APPLICATIONS AND FUTURE FORECAST

Iris technology takes up only 7% of the biometric market [14]. A number of factors that appear to have contributed towards little commercial success of iris based systems may include [16]:

• exaggerated claims or hype of early systems

• inadequately developed, expensive or unfriendly user interfaces

• a lack of social acceptance (for instance, themisconception of physical harm by scanning or misuse of personal information)

(4)

possessions or secrets. It is imaginable that a large future world wide identification system for individuals will store iris images as unique patterns of persons.

III. IMAGE PROCESSING

The possibility that the uniqueness of Iris of the eye could be used as a kind of optical fingerprint for personal identification was first suggested by ophthalmologists. However, John Daugman was the first person to use this idea for human identification as an algorithm . In the previous papers, the extensive amount of research has been done on Daugman‟s algorithm.

In this paper we are going to introduce an algorithm to improve the Daugman‟s algorithm in both speed and accuracy. Every Iris recognition algorithm consists of 3 main sections; these sections are as follow:

1- The image is preprocessed to detect and separate Iris from the whole image

2- Features representing the Iris patterns are extracted as a code

3- Decision is made by means of matching The basic technology of the recognition process belongs to John Daugman. He encodes Iris pattern into a 256- byte Iris code by demodulating it with 2D Gabor wavelets at many different scales, while each resultant phasor angle in the complex plane is quantized. To compare each pair of Iris codes Cj and Cx bit-by-bit, their normalized Hamming Distance (HD) is defined as the fraction of disagreeing bits between them. Wildes also makes isotropic band pass decomposition, derived from the application of Laplacian of Gaussian filters to the image data . Also, Monro, et al. presented an Iris coding method based on differences of Discrete Cosine Transform (DCT) coefficients of overlapped segments from Iris images. From all the algorithms that have proposed for Iris recognition, the Daugman‟s algorithm was the first and most famous one. That‟s why, all the previous models for online authentication has used the Daugman‟s algorithm. In this paper, a novel algorithm is introduced for Iris feature extraction to represent a code that is invariant to translation, rotation and scale. In the following sections the new coding method is described by its matching algorithm. This is the block diagram of the Iris coding system.

3.1. THE DAUGMAN’S ALGORITHM FOR IRIS LOCALIZATION

Iris localization can be completed after having ascertained the center coordinates (x0, y0) and radius (r), which are the three parameters defining the papillary circle and limbus circle. Daugman‟s algorithm localizes the iris by searching for the maximum difference of gray between the arcs. A very effective integrodifferential operator for determining these parameters is

Max (r,x0,y0) σ(r) *

(5)

complete operator behaves as a circular edge detector, blurred at a scale set by _, searching iteratively for the maximal contour integral derivative at successively finer scales of analysis through the three parameter space of center coordinates and radius (x0, y0, r) defining a path of contour integration. The operator in (1) serves to find both the pupillary boundary and the outer (limbus) boundary of the iris. A similar approach to detecting cur is used to localize both the upper and lower eyelid boundaries. The path of contour integration in (1) is changed from circular to arcuate, with spline parameters fitted by statistical estimation methods to model each eyelid boundary.

IV. SECURE TEMPLATE TRANSMISSION SCHEME

4.1 PROBLEM OF ENCRYPTION ALGORITHMS

In encryption, there are two basic problems: i) hackers have historically found ways to crack encryption, in fact, obtaining the key without being a legitimate user; and

ii) once a single legitimate copy of some content has been decrypted, a hacker is now free to make another copy of the decrypted data [9]. Some papers such as [1] suggest RSA as a cryptography method to encrypt biometric templates. RSA is a popular encryption algorithm among other algorithms but it encounters with some attacks such as timing attacks, adaptive chosen cipher text and branch prediction analysis attack. On the other hand, an attack against RSA is specifically possible when the message is short because brute force attack can be used to reveal the original message. This threat exists in iris template encryption because the volume of the “Iris Database” is very large and the biometrics information of every person is stored into it, so the Iriscode of every person shouldn‟t be very large and every Iris template is a code with 2048 bits.

4.2 PROCESS OF SECURE TRANSMISSION OF IRIS

TEMPLATES

(6)

hidden; ii) the core file, in which the secret data are to be embedded; iii) the resulting stego-file [9].

4.3 SYSTEM MODEL FOR SECURE TRANSMISSIONOF IRIS CODES

After capturing the eye image from the secure camera and performing the proposed algorithm for Iris coding the algorithm to extract the important features to be used to hide in the host image. To do this, two chaotic maps named Henon map and Logistic map are used to encrypt

Iris code. Logistic map generates a secure pseudo random sequence, which is used as the sequence key and Henon map encrypts the Iris codes. It provides the following features: 1) resistant to the finite word length affect of the

chaotic sequence; 2) very unpredictable; 3) robust against attacks; and 4) resistant to repeated group attack. In addition, the secret keys used as parameter value and initial condition of chaotic map are generated by the biometric, because biometric is very random at each enrollment of the person [9]. After encryption, the Iris code is embedded into the cover/host image and then end result of this step is a stego-image which contains encrypted and secured Iris code.

For this step, DWT-based (discrete wavelet transform) blind data hiding algorithm is used which does not require the original image to extract the iris code from the host image that contains hidden data. The reason for using DWT is due to its superior robustness against various signal processing attacks and high data compression ready to perform identification and verification in the prestored

V. CONCLUSION

This paper has proposed a new model of architecture for online credit card transactions. There are so many algorithms that have created to help human identification through Iris recognition. The most popular one is named “Daugman”. To prove this model, a program which shows better performance of Iris recognition algorithm in compare with Daugman‟s algorithm is created. In the new Iris coding algorithm, to avoid the obstruction problem of the Iris by the eyelids, a new idea which is applied on half of the Iris is suggested. Iris donut form was remapped to rectangular block in size 64 ×256. An efficient and simple feature extraction method which is based on the 2D- Haar Transform in 3 levels is presented which prepared 2048 bits for Iris code by 4 images of level 3. In order to avoid the rotation effect, the correlation operator between two Iris codes is implemented for matching instead of EXOR bit by bit. Contribution of this paper can be divided to three parts as follow:

1. An extensive amount of research has been done on Daugman‟s algorithm. The paper shows an achievement of better speed and accuracy in compare with Daugman‟s algorithm. A high performance Iris recognition algorithm is proposed which makes an Iris template from Iris image of the person who conducts an online transaction by credit card.

(7)

here. A combination of chaos theory and steganography technique is used to securelytransmit Iris templates along with credit card details. Hereby, identification of customers can be archived.

3. The companionship of proposed technique ofimage processing and steganography-based technique can create efficient Iris recognition architecture suitable for usage in the Internet.

VI. REFERENCES

[1] Vagala,R.R, Sasi,S., „Biometric Authenrication for e commerce Transaction‟, published in the proceeding of international workshop on Imaging Systems and Techniques(IEEE IST),2004

[2] Daugman JG (1993) High confidence visual recognition of persons by a test of statistical independence. IEEE- PAMI, 15: 1148-1161.